Overview

File libsoup-CVE-2025-46421.patch of Package libsoup2

diff -urp libsoup-2.74.3.orig/libsoup/soup-session.c libsoup-2.74.3/libsoup/soup-session.c
--- libsoup-2.74.3.orig/libsoup/soup-session.c	2025-04-15 11:39:01.552307999 -0500
+++ libsoup-2.74.3/libsoup/soup-session.c	2025-04-29 15:07:05.873681389 -0500
@@ -1189,6 +1189,11 @@ soup_session_redirect_message (SoupSessi
 						   SOUP_ENCODING_NONE);
 	}
 
+        if (!soup_uri_host_equal (soup_message_get_uri (msg), new_uri)) {
+                soup_message_headers_remove (msg->request_headers, "Authorization");
+                soup_message_set_auth (msg, NULL);
+        }
+
 	soup_message_set_uri (msg, new_uri);
 	soup_uri_free (new_uri);
openSUSE Build Service is sponsored by
Places